Affiliate Disclosure: By buying the products we recommend, you help keep the lights on at MakeUseOf. Read more.
One night you’re playing video games, the next morning your bank accounts have been emptied. It seems like a farfetched scenario that has no chance of happening to you, right? That’s what everyone thinks right before they have their identities stolen.
As the gaming industry continues to pull in multibillion-dollar revenues, hackers and scammers are salivating at the chance to steal a cut of the pie. In 2014, PC/MMO gaming revenue broke $24 billion and mobile gaming revenue broke $21 billion. With all of that money comes a lot of greedy hands.
Don’t become a victim. Stay smart, stay alert, and stay protected against the worst security and malware threats to gamers like you and me.
Spoofing & Phishing
The idea of spoofing may be somewhat alien to the average person, let alone the average gamer, but there’s a good chance you’ve run into it at some point or another. In short, spoofing is a colloquial term for “trickery by imitation” of which the most well-known example is phishing.
For those who don’t know, phishing is a scamming technique that involves copycat websites or fraudulent URLs as a way to trick users into entering login credentials (e.g. for gaming accounts) and sensitive personal data (e.g. credit card numbers).
Once entered, the phisher retains all of that information in his database.
Spoofed websites have been around for a long time, but spoofing techniques are becoming more advanced. For example, there are social media bots that monitor social media chatter for gamers in need of technical support, then direct those users to spoofed websites where they need to enter their login credentials (and thus give them away without knowing it).
How to stay safe: Phishing is very popular in emails, so borrow from these email security tips and never click links directly. If you’re asked to log in by a company, always type in the website’s URL by hand. For complex links, use these link checker tools to see if they’re safe before you visit them.
Malicious File Downloads
Malware is the worst thing on the Internet. At best, it’s an inconvenience that can steal away hours of your life as you remove that malware. At worst, it can destroy your device(s), cause you to lose important files and data, or even rob you of your identity.
Gaming is a download-heavy activity, particularly if you do most of your gaming on a PC. You’ve got installer files, anti-cheats, third-party modifications, in-game interface tweaks, etc. While you’ll be fine 99% of the time, there’s always that 1% chance that you’ll get served a fake, malicious file.
And what’s the worst kind of malware to contract? Keyloggers. A keylogger is a program that sits in the background and records your keystrokes, which are then sent to a remote server somewhere for analysis. In essence, keyloggers are used to steal usernames, passwords, credit card numbers, and more.
For example, bots on Twitch.TV have sprung up and started spreading unwanted programs — including a personal data scraper and an adware virus — through chat channel links. In addition, fake third-party Twitch.TV tools exist designed to imitate actual tools but are nothing more than malware in disguise.
How to stay safe: Always have some kind of free antivirus program installed and be sure to follow these common sense tips for avoiding malware downloads. Also, scan your system every so often using these anti-keylogger tools to ensure that nobody is recording your keystrokes.
Social Engineering Scams
Social engineering became something of an Internet buzzword a few years ago, but the underlying concept is as old as humanity. Simply put, it’s a form of manipulation that gets the victim to divulge confidential information all on their own.
In gaming communities, social engineering is used to scam people of their accounts, their virtual goods, or their credit card numbers. Depending on the circumstances, there can be a lot of overlap with Facebook scams, Craigslist scams, and eBay scams.
Steam is a good example of this. While Steam itself is a massive cornerstone in PC gaming, the Steam community is rarely deserving of praise. There are lots of scammers out there — most, but not all, are bots — that trick users into giving away their items, cards, gifts, and even entire accounts.
Any time you participate in a real money transaction or virtual trade, you’re putting yourself at risk. That holds true whether you’re trading Steam cards or purchasing black market gold for World of Warcraft. And then there’s EVE Online, where social engineering is actually part of the gameplay.
How to stay safe: Most anti-scam advice is the same regardless of the medium. Never give out your usernames or passwords. Don’t click links from untrusted sources. However, we do advise that you also adhere to these tips for mitigating social engineering attacks.
You’ve probably heard of it by now. In 2011, several major databases owned by Sony were compromised by hackers, including but not limited to the databases used for the PlayStation Network and Sony Online Entertainment.
The final tally? 102 million affected accounts. At least 12 million of those accounts involved unencrypted credit card information.
Then in 2014, a group of sixteen hackers in South Korea spoofed six major online gaming sites and stole the login credentials of over 27 million people. They used the credentials to steal various forms of in-game virtual currency, eventually costing $2 million worth of damage to the South Korean economy.
How to stay safe: Realize that no company in the world is ever 100% secure. There will always be some level of risk when you use your credit card online. Sometimes these breaches are outside of your control, but here’s what you can do to best protect yourself against online identity theft.
Stay Safe Out There!
Of course, on top of everything mentioned above you should be practicing good security habits like setting up a firewall, staying up-to-date with the latest software versions, being wary of anything that seems too good to be true, and never sharing your accounts with others.
Has your security ever been compromised due to an online game? Have you ever faced any of these issues? Tell us about your experiences in the comments below!